See the original story in Japanese.
Tokyo-based DataSign, a startup offering a service for managing and using personal data, officially launched the Paspit personal data management service with the aim to realize an “information bank” with a built-in PDS (Personal Data Store). Since Paspit functions as a Chrome Extension, it can only be used with Google Chrome.
An information bank is a third party service that enables individuals to manage and control information by depositing their own personal data. While various online and offline services are increasing, giving personal data to these service providers involves various risks. Information could leak inadvertently, and even if a user opts out of the service, it depends on the morale of the provider as to whether personal data is deleted or not.
In the information bank, the user registers their original personal data, and it is possible to control what personal data is shared with whichever service they want to use by following the user’s instructions regarding permission/denial. If a user sets up a policy of permissions/denials in advance, it is not necessary to grant permission/denial each time they use Paspit. By using an information bank, even if information leaks from services used by the user, risks are reduced because the services do not hold the original data, and even if the service provider does not allow users to opt-out, it is possible to forcibly withdraw from said service.
- Japan takes step toward enormous bank of personal data (Nikkei Asian Review)
One example of how users could use it on a daily basis is by changing from paying for services online using a credit card to using a PayPal account. The risk of a leaked credit card number decreases, and in the case of recurring charges, contracts can be forcibly canceled at the request of the user. Another daily use example could be using it to authenticate oneself with sites like Facebook and Twitter, rather than entering a user ID and password each time (reducing the risk of ID and password leakage).
In order to create an information bank with a built-in PDS, it is desirable to have various other services acting as neutral entities; also, it is necessary to redirect all kinds of personal data such as user IDs/passwords/payment information and relay it to the original service, which will take a certain amount of time to finalize. DataSign released Paspit as a password management tool that can become a foothold for opening such an information bank. The set of user ID/password for each web service is stored on Paspit, and authentication with the web service is carried out by an irreversible hash value (token) that corresponds to the user ID/password on a one-to-one basis.
The biggest feature of Paspit is that it uses web scraping when authenticating users using hash values with web services. Previously, to make web services which only accept credit card payments recognize PayPal payments or to make web services that only work with regular user ID/password authentication correspond to Facebook and Twitter authentication, even though it is a minor thing, it was necessary to integrate with some sort of API. However, since Paspit uses web scraping, basically it can correspond to all web services.
DataSign currently works with market research big names like Intage and Video Research on development and experiments that allow companies to offer rewards when users agree to provide their personal data (opt-in). In the field of information banks, Dentsu and Mitsubishi UFG Trust and Bank, etc., have expressed interest in participating, but it is certainly significant that a “sprightly” startup is stepping up to the challenge to provide a neutral service that can release information even against competing services.
DataSign was established in September of 2016 by Yuichi Oota, who previously served as the president of Owldata, Japan’s first DMP (datamanagement platform) developer. The company has been raising funds from individual investors.
Translated by Amanda Imasaka
Edited by Masaru Ikeda